Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8168882

keytool doesn't print certificate info if disabled algorithm was used for signing a jar

    Details

    • Subcomponent:
    • Introduced In Build:
      b142
    • Introduced In Version:
      9
    • Resolved In Build:
      b145
    • CPU:
      generic
    • OS:
      generic
    • Verification:
      Verified

      Backports

        Description

        "keytool -printcert" is supposed to print info about certificate which was used to sign a jar file. It says "Not a signed jar file" if one of disabled algorithms (see "jdk.jar.disabledAlgorithms" security property) was used for jar signing.

        Please see attached signed jars:
        signed-app-md2-rsa-2048.jar - signed with MD2withRSA
        signed-app-md5-rsa-2048.jar - signed with MD5withRSA

        The following command doesn't work with JDK 9 b142:

        keytool -printcert -jarfile signed-app-md5-rsa-2048.jar

        It would be better if "-printcert" command printed info about singers even if they use disabled algorithms.

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  asmotrak Artem Smotrakov
                  Reporter:
                  asmotrak Artem Smotrakov
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  3 Start watching this issue

                  Dates

                  • Due:
                    Created:
                    Updated:
                    Resolved: